DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Certificate Information

Subject
CN=forbiddenpics.xyz
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
February 03, 2026
Valid Until
May 04, 2026 87 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C2:AA:C1:9E:27:C5:C1:50:5A:2B:55:F6:94:17:05:B2:93:6B:5D:43:8F:DB:C0:BD:1A:D2:47:EC:8E:F9:86:53
Alternative Names
90 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains
carrassi.com *.carrassi.com *.admin.carrassi.com *.ww25.carrassi.com *.ww38.carrassi.com *.ww5.carrassi.com

Other domains in certificate

63xmetaverse.com *.63xmetaverse.com *.ck02-8958aa4b75-9de6ee12.63xmetaverse.com *.f3f44f0b-8abb-4557-9413-fc5d4636ed89.63xmetaverse.com
cs6098.com *.cs6098.com *.ww38.cs6098.com
*.avito.food4kids.com *.blablacar.food4kids.com *.cdek.food4kids.com food4kids.com *.food4kids.com *.hostmaster.food4kids.com *.m.food4kids.com *.nalozhka.food4kids.com *.ww16.food4kids.com *.ww17.food4kids.com
forbiddenpics.xyz *.forbiddenpics.xyz *.ww38.forbiddenpics.xyz
gulfport.net *.gulfport.net *.okc1coh0001.gulfport.net *.pwhnnlitvraqzcy.gulfport.net
*.cloud.huaracha.com huaracha.com *.huaracha.com *.secure.huaracha.com *.webmail.huaracha.com *.wiki.huaracha.com
huilv.me *.huilv.me *.ww25.huilv.me *.ww38.huilv.me
*.dashboard.institutonacional.com institutonacional.com *.institutonacional.com *.owa.institutonacional.com *.smtp.institutonacional.com *.studentsvpn.institutonacional.com
internethub.xyz *.internethub.xyz *.live.internethub.xyz *.online.internethub.xyz *.shop.internethub.xyz *.site.internethub.xyz *.ww38.internethub.xyz *.xyz.internethub.xyz
mizzkangry.works *.mizzkangry.works *.secure.mizzkangry.works
*.admin.shareyourfaith.org shareyourfaith.org *.shareyourfaith.org
*.aicoin.teyehang.com teyehang.com *.teyehang.com *.xj.teyehang.com
topprivateschools.com *.topprivateschools.com *.ww25.topprivateschools.com
*.remote.vpn-helps.com vpn-helps.com *.vpn-helps.com *.ww25.vpn-helps.com *.ww38.vpn-helps.com
*.34c050a9-34fc-43a6-8f87-6ddccdc09644.yesuan01.xyz *.admin.yesuan01.xyz *.api.yesuan01.xyz *.app.yesuan01.xyz *.assets.yesuan01.xyz *.backup.yesuan01.xyz *.dev.yesuan01.xyz *.ff6c1995-8d79-4fed-a5b7-d0fa58bc9b17.yesuan01.xyz *.m.yesuan01.xyz *.oiamdszs5mr9ea3c.yesuan01.xyz *.partner.yesuan01.xyz *.reporting.yesuan01.xyz *.uat.yesuan01.xyz *.ww25.yesuan01.xyz *.ww38.yesuan01.xyz yesuan01.xyz *.yesuan01.xyz *.zssc8pzvrz9zv35r.yesuan01.xyz